Magento 2 CSP Reports Extension

Starting from 2.3.5 version, Magento supports Content Security Policies (CSP) module - powerful functionality that controls resources the browser is allowed to load for a specific page. This ensures website protection against Cross Site Scripting (XSS) attacks, including card skimmers, session hijacking, and more. Magento also provides the ability to configure the functionality at the programming level, which requires coding skills and lacks a violation monitoring tool for admins.

Our free Magento 2 CSP Module streamlines security management for both developers and admins. Store admins can configure CSP modes directly from the admin panel and effectively monitor policy violations with a user-friendly CSP reports grid. This enables timely issue identification and fixing to ensure a secure online shopping experience for customers. Additionally, the extension reduces the time for developers to whitelist safe resources and delete others.

All Features:

• NEW! Magento 2 CSP Reports Extension is compatible with Hyvä Themes
• Ability to change the Magento 2 Content Security Policy mode to “Restrict” or “Report Only” directly from the admin panel, separately for the storefront and admin areas
• Displaying Magento 2 Content Security Policy violation report in a convenient grid view
• The Magento 2 CSP report grid includes the following information: Host and Violated Directive, Resource URL and Page URL where the violation occurred, Action (reporting or blocking the resource), Report Count, and Last Report Date
• Ability to clean up the report from errors that haven't been reported again in a specified time period
• Admin notification about each new Content Security Policy violation
• 100% open code Magento 2 extension